A short note for people not fluent in reading the output (like me!) - courtesy to Marc for helping me with this:
Certificate[0] info says in the "issuer" line: CN=VeriSign Class 3 International Server CA - G3 Certificate[1] says in its "subject" line: CN=VeriSign Class 3 Public Primary Certification Authority - G5' and the issuer is a primary certificate (i.e. no CN line) Certificate[2] has a "subject" line: CN=VeriSign Class 3 International Server CA - G3' and the "issuer" is CN=VeriSign Class 3 Public Primary Certification Authority - G5' So either the gnutls should support out-of-order certificates or we must use openssl or the server fixes the ordering and sends the current Certificate[2] before it sends Certificate[1]. AIUI the relevant rfc does not allow out-of-order sending but many clients are tolerant (gnutls is not). Unfortuantely I could not find a reference to quote. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1043376 Title: Certificate issues for different 3d secure server To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1043376/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
